mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 210 Wiki Activity
Browse Source

Forcibly clean and destroy the session on logout (#11447) (#11451) 

Backport #11447

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
tags/v1.11.6
zeripath 4 years ago
parent
878434146f
commit
de9a96c4de
No account linked to committer's email address
1 changed files with 2 additions and 5 deletions
Split View Show Diff Stats
  1. 2
    5
      routers/user/auth.go

+ 2
- 5
routers/user/auth.go View File

@@ -988,11 +988,8 @@ func LinkAccountPostRegister(ctx *context.Context, cpt *captcha.Captcha, form au
}

func handleSignOut(ctx *context.Context) {
_ = ctx.Session.Delete("uid")
_ = ctx.Session.Delete("uname")
_ = ctx.Session.Delete("socialId")
_ = ctx.Session.Delete("socialName")
_ = ctx.Session.Delete("socialEmail")
_ = ctx.Session.Flush()
_ = ctx.Session.Destroy(ctx.Context)
ctx.SetCookie(setting.CookieUserName, "", -1, setting.AppSubURL, setting.SessionConfig.Domain, setting.SessionConfig.Secure, true)
ctx.SetCookie(setting.CookieRememberName, "", -1, setting.AppSubURL, setting.SessionConfig.Domain, setting.SessionConfig.Secure, true)
ctx.SetCookie(setting.CSRFCookieName, "", -1, setting.AppSubURL, setting.SessionConfig.Domain, setting.SessionConfig.Secure, true)

Write Preview
Loading…
Cancel
Save